{"id":22281539,"url":"https://github.com/spassarop/antisamy-dotnet","last_synced_at":"2025-10-13T18:31:42.309Z","repository":{"id":39529900,"uuid":"295029247","full_name":"spassarop/antisamy-dotnet","owner":"spassarop","description":"A library for performing fast, configurable cleansing of HTML coming from untrusted sources, made on .NET.","archived":false,"fork":false,"pushed_at":"2024-01-02T01:23:48.000Z","size":11330,"stargazers_count":3,"open_issues_count":0,"forks_count":2,"subscribers_count":2,"default_branch":"develop","last_synced_at":"2024-12-03T16:18:54.417Z","etag":null,"topics":["css","dotnet-core","dotnet-framework","dotnet-standard","html","html-input-validation","javascript","owasp","owasp-antisamy","security-tools","xss-filter"],"latest_commit_sha":null,"homepage":"","language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/spassarop.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2020-09-12T21:29:25.000Z","updated_at":"2024-08-10T13:47:46.000Z","dependencies_parsed_at":"2023-12-21T18:45:20.562Z","dependency_job_id":null,"html_url":"https://github.com/spassarop/antisamy-dotnet","commit_stats":null,"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/spassarop%2Fantisamy-dotnet","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/spassarop%2Fantisamy-dotnet/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/spassarop%2Fantisamy-dotnet/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/spassarop%2Fantisamy-dotnet/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/spassarop","download_url":"https://codeload.github.com/spassarop/antisamy-dotnet/tar.gz/refs/heads/develop","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":236385793,"owners_count":19140689,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["css","dotnet-core","dotnet-framework","dotnet-standard","html","html-input-validation","javascript","owasp","owasp-antisamy","security-tools","xss-filter"],"created_at":"2024-12-03T16:19:07.992Z","updated_at":"2025-10-13T18:31:36.941Z","avatar_url":"https://github.com/spassarop.png","language":"C#","funding_links":[],"categories":[],"sub_categories":[],"readme":"# OWASP AntiSamy .NET\n\n[![Codacy Badge](https://api.codacy.com/project/badge/Grade/4d5e15cf396e4d5ca659bd9d71f3f57d)](https://app.codacy.com/manual/spassarop/antisamy-dotnet?utm_source=github.com\u0026utm_medium=referral\u0026utm_content=spassarop/antisamy-dotnet\u0026utm_campaign=Badge_Grade_Dashboard)\n[![Actions Status](https://github.com/spassarop/antisamy-dotnet/workflows/CI/badge.svg)](https://github.com/spassarop/antisamy-dotnet/actions)\n![CodeQL](https://github.com/spassarop/antisamy-dotnet/workflows/CodeQL/badge.svg)\n\nA library for performing fast, configurable cleansing of HTML coming from untrusted sources. Refactored from an [old project in .NET Framework 2.0](https://wiki.owasp.org/index.php/Category:OWASP_AntiSamy_Project_.NET).\n\nAnother way of saying that could be: It's an API that helps you make sure that clients don't supply malicious cargo code in the HTML they supply for their profile, comments, etc., that get persisted on the server. The term \"malicious code\" in regard to web applications usually mean \"JavaScript.\" Mostly, Cascading Stylesheets are only considered malicious when they invoke JavaScript. However, there are many situations where \"normal\" HTML and CSS can be used in a malicious manner.\n\nThis project will be trying to be in sync with the original Java version, its repository can be found [here](https://github.com/nahsra/antisamy).\n\nCheck the [wiki](https://github.com/spassarop/antisamy-dotnet/wiki) for information on how to use, build, test and more.\n\n**Important note**: Since 1.2.0 the example policy files that were previously included in the NuGet package are removed. Each developer/deployer must manually place a policy in a location of their choice. For mor information about policies, refer to the wiki mentioned above.\n\n## Contributing to OWASP AntiSamy .NET\n\n### Found an issue?\nIf you have found a bug, then create an issue in the OWASP AntiSamy .NET repository: \u003chttps://github.com/spassarop/antisamy-dotnet/issues\u003e.\n\n### Found a vulnerability?\nIf you have found a vulnerability in OWASP AntiSamy .NET, first search the issues list (see above) to see if it has already been reported. If it has not, then please contact Sebastián Passaro (sebastian.passaro at owasp.org) directly. Please do not report vulnerabilities via GitHub issues as we wish to keep our users secure while a patch is implemented and deployed. If you wish to be acknowledged for finding the vulnerability, then please follow this process.\n\nMore detail is available in the file: [SECURITY.md](https://github.com/spassarop/antisamy-dotnet/blob/main/SECURITY.md).\n\n## License\nReleased under the [BSD-3-Clause](https://opensource.org/licenses/BSD-3-Clause) license as specified here: [LICENSE](https://github.com/spassarop/antisamy-dotnet/blob/main/LICENSE). \n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fspassarop%2Fantisamy-dotnet","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fspassarop%2Fantisamy-dotnet","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fspassarop%2Fantisamy-dotnet/lists"}